Owncloud: Difference between revisions

From miki
Jump to navigation Jump to search
 
(19 intermediate revisions by the same user not shown)
Line 8: Line 8:
* [http://dmfs.org/carddav/ CardDAV-Sync] — Another CardDAV sync app for Android (free / paid).
* [http://dmfs.org/carddav/ CardDAV-Sync] — Another CardDAV sync app for Android (free / paid).


Alternatives:
== Install ==
* [https://kiramclean.com/blog/how-to-set-up-your-own-nextcloud-server/ Nextcloud], here a complete setup example (with backup, etc).

== Install Owncloud Server ==


=== Install packages ===
=== Install packages ===
Line 37: Line 40:


=== Configuration ===
=== Configuration ===
{{todo|Consider installing '''Redis''' [https://doc.owncloud.org/server/9.0/admin_manual/configuration_server/caching_configuration.html#id4] as caching server.}}

When installed, ''Owncloud'' is available at URL http://localhost/owncloud/.
When installed, ''Owncloud'' is available at URL http://localhost/owncloud/.
This is configured in apache2 file {{file|/etc/apache2/conf-available/owncloud.conf}}:
This is configured in apache2 file {{file|/etc/apache2/conf-available/owncloud.conf}}:
Line 108: Line 113:
* Enter MySQL '''user name''', '''password''', '''database name'''. Keep <code>localhost</code> for the DB server name.
* Enter MySQL '''user name''', '''password''', '''database name'''. Keep <code>localhost</code> for the DB server name.
* Click '''Finish setup'''.
* Click '''Finish setup'''.

Owncloud also requires running a cron job at regular interval [https://doc.owncloud.org/server/9.0/admin_manual/configuration_server/background_jobs_configuration.html]:
<source lang="bash">
crontab -u www-data -e
# Add the line:
#
# */15 * * * * php -f /var/www/owncloud/cron.php
</source>
In particular this cron job may help fixing file locking issue (error <code>File is locked</code> [https://central.owncloud.org/t/file-is-locked-how-to-unlock/985]).

=== Upgrade from 9 to 10 on debian 8.0 Jessie ===
We mostly follow the procedure in OwnCloud manual [https://doc.owncloud.com/server/admin_manual/maintenance/manual_upgrade.html]. First change repository to v10:
<source lang="bash">
echo "deb http://download.owncloud.org/download/repositories/10.0/Debian_8.0/ /" > /etc/apt/sources.list.d/owncloud.list
apt update
</source>

In principle we should first disable 3rd-party app. We don't, just hoping for the best...
<source lang="bash">
# Get a list of installed app...
cd /var/www/owncloud
sudo -u www-data php occ app:list
</source>

Enable maintenance mode and disable web server:
<source lang="bash">
sudo -u www-data php occ maintenance:mode --on
service apache2 stop
</source>

Backup the old configuration (we must at least keep {{file|config/config.php}}):
<source lang="bash">
mv /var/www/owncloud /var/www/owncloud-old-9.0.11
tar cvzf /root/backup/var_www_owncloud-9.0.11.tgz /var/www/owncloud-old-9.0.11
mysqldump -uowncloud_immie -p owncloud_immie | gzip > /root/backup/owncloud_immie-9.0.11.sql.gz
</source>

Upgrade:
<source lang="bash">
# Upgrade package
sudo apt dist-upgrade
sudo chown -R www-data:www-data /var/www/owncloud

# Restore the config and run the upgrade
cd /var/www/owncloud
cp /var/www/owncloud-old-9.0.11/config/config.php /var/www/owncloud/config
# ... AND RESTORE THE DATA!!!
cp /var/www/owncloud-old-9.0.11/data /var/www/owncloud/
sudo -u www-data php occ upgrade

# We have some issues with 3rd-party app, disable and resume:
sudo -u www-data php occ app:disable documents
sudo -u www-data php occ app:disable news
sudo -u www-data php occ upgrade
</source>

Everything is fine, restart the server:
<source lang="bash">
sudo -u www-data php occ maintenance:mode --off
sudo service apache2 start
</source>

;Troubleshoot
* After upgrade, all clients failed sync because of file not found.
* Did a *hard reset* of all clients:
:* Delete all clients data and metadata.
:* On server, delete all files (had some <code>file locked</code> issue).
:* Reinstall the clients.
:* Import back the files.
* {{red|'''Whoopsie...'''}} Turned out we forgot to restore the files from previous install. Should have done <code>cp /var/www/owncloud-old-9.0.11/data /var/www/owncloud/</code> before upgrading.

== Issues ==
=== Download failed ===
* Suddenly on Owncloud client, any file downloaded says "Download failed".
* Solution: https://central.owncloud.org/t/download-failed-unknown-error/47935/5
* Add <code>SetEnv ap_trust_cgilike_cl</code> to {{file|/var/www/owncloud/.htaccess}}.

== Install Owncloud Client ==
From the repository:
<source lang=bash>
sudo apt install owncloud-client
</source>

On Bionic Beaver, there is a missing dependency. Package {{deb|libgnome-keyring0}} must be installed as well:
<source lang=bash>
sudo apt install owncloud-client libgnome-keyring0
</source>

However version <code>2.1.1+dfsg-1ubuntu1.1</code> in Ubuntu Xenial is broken (fails to reconnect after suspend), and version in Zesty has too many dependencies. We rebuild from the sources:
<source lang=bash>
apt source -t zesty owncloud-client
cd owncloud-client-2.2.4+dfsg/
# We must disable a test (check_vio_ext) because it gives a segfault:
#
# Start 18: check_vio_ext
# 18/36 Test #18: check_vio_ext ....................***Exception: SegFault 0.31 sec
# [==========] Running 4 test(s).
# [ RUN ] check_readdir_shorttree
# Test failed with exception: Segmentation fault
# C:/tmp/csync_test/alibaba
# [ FAILED ] check_readdir_shorttree
# ================== Tearing down!
#
# [ RUN ] check_readdir_with_content
#
vi csync/tests/CMakeLists.txt # COMMENT OUT the line as shown below
# ...
# add_cmocka_test(check_vio_file_stat vio_tests/check_vio_file_stat.c ${TEST_TARGET_LIBRARIES})
# add_cmocka_test(check_vio vio_tests/check_vio.c ${TEST_TARGET_LIBRARIES})
# # add_cmocka_test(check_vio_ext vio_tests/check_vio_ext.c ${TEST_TARGET_LIBRARIES})
# ...
sudo apt build-dep owncloud-client # WRITE DOWN the list of packages!
dpkg-buildpackage -rfakeroot -b
sudo dpkg -i owncloud-client_2.2.4+dfsg-2ubuntu2_amd64.deb owncloud-client-l10n_2.2.4+dfsg-2ubuntu2_all.deb libowncloudsync0_2.2.4+dfsg-2ubuntu2_amd64.deb
sudo apt install -f
sudo apt remove owncloud-client-cmd owncloud-client-data owncloud-client-doc
sudo apt remove automoc ... # Remove builddeps (175MB!) - Same list as installed by build-dep
top
</source>

== Maintenance or Upgrade ==
When upgrading with <code>apt-get dist-upgrade</code>, we get the message:

<source lang=text>
Leaving server in maintenance mode. Please run occ upgrade manually.

See https://doc.owncloud.org/server/9.0/admin_manual/maintenance/upgrade.html

ownCloud or one of the apps require upgrade - only a limited number of commands are available
You may use your browser or the occ upgrade command to do the upgrade
Maintenance mode enabled
</source>

To upgrade:

<source lang=bash>
cd /var/www/owncloud
sudo -u www-data php occ upgrade
sudo -u www-data php occ status
sudo -u www-data php occ maintenance:mode --off
sudo -u www-data php occ status # Check that server is no longer in maintenance mode
</source>


== Hardening ==
== Hardening ==
See [[Linux Security]].
See [[Linux Security]].


== CalDav applications (contacts / calendar) ==
== Contacts App ==
Contacts is an application that must be installed via the admin account.
Contacts and Calendar are applications that must be installed via the admin account.


To synchronize with other applications, you often require the DAV URL on Owncloud:
To synchronize with other applications, you often require the DAV URL on Owncloud:
Line 122: Line 269:


=== Sync with Thunderbird ===
=== Sync with Thunderbird ===
Reference: [https://doc.owncloud.org/server/7.0/user_manual/pim/sync_thunderbird.html Thunderbird - Synchronize Addressbook]
To synchronize with '''Thunderbird''', click on '''Address Book''' to show up the address book window. Then,

* click on '''File &rarr; New &rarr; Remote Address Book'''.
To synchronize with '''Thunderbird''', first install the following extensions:
* Enter a '''name'''.
* [http://www.sogo.nu/downloads/frontends.html SOGO Connector]
* Enter '''URL''' copied above.
* [https://addons.mozilla.org/en-US/thunderbird/addon/lightning/ Lightning] (calendar extension)
* Select other options as desired (for instance sync period).

Then, in TB,
* click on '''Address Book''' to show up the address book window;
* click on '''File &rarr; New &rarr; Remote Address Book''';
* enter a '''name''';
* enter your '''DAV URL'''; and
* select other options as desired (for instance sync period).

;Multiple calendars
* TB cannot import multiple calendars from different owncloud accounts. It can only import from a single account.
* To import calendars from different own different owncloud accounts, first '''share''' these accounts in Owncloud, then import the shared calendar from your account.


=== Sync with Android ===
=== Sync with Android ===
Line 146: Line 304:
* Owncloud username
* Owncloud username
* Owncloud password
* Owncloud password

;Troubleshoot
* Samsung Alpha, getting message <code>S Planner has stopped</code> when adding new entry to sync'ed calendar.
: Go to ''Application Manager &larr; all'', and '''force stop''' + '''clear cache''' + 'clear data''' for the following applications: ''Calendar'', ''Calendar storage'', ''DAVdroid'', ''S Planner'' (2x), ''Samsung Calendar SyncAdapter''.


=== Sync with Outlook ===
=== Sync with Outlook ===
Use [http://sourceforge.net/projects/outlookcaldavsynchronizer/ Outlook CalDav Synchronizer] to synchronize Outlook contacts with Owncloud.
Use [http://sourceforge.net/projects/outlookcaldavsynchronizer/ Outlook CalDav Synchronizer] to synchronize Outlook contacts and calendars with Owncloud.


* In Outlook, go to '''People''' pane, and create a new contact folder, for instance named '''<code>Owncloud</code>'''.
* In Outlook, go to '''People''' pane, and create a new contact folder, for instance named '''<code>Owncloud</code>'''.
Line 154: Line 316:
* Click '''Add new profile'''. For Owncloud, we enter the following settings:
* Click '''Add new profile'''. For Owncloud, we enter the following settings:
:* Select profile type '''Generic CalDAV/CardDAV'''.
:* Select profile type '''Generic CalDAV/CardDAV'''.
:* Enter DAV Url, something like '''<code>https://owncloud.immie.org/owncloud/remote.php/dav/addressbooks/users/XYZ/default/</code>'''.
:* Enter DAV Url, replace <code>XYZ</code> with user login:
::* '''<code>https://owncloud.immie.org/owncloud/remote.php/dav/addressbooks/users/XYZ/default/</code>''' for contacts.
::* '''<code>https://owncloud.immie.org/owncloud/remote.php/dav/calendars/XYZ/default/</code>''' for calendars.
:* Enter username and password.
:* Enter username and password.
:* Select '''Synchronize items immediately after change'''.
:* Select '''Synchronize items immediately after change'''.

;Troubleshoot
* <code>hexadecimal value 0x1E, is an invalid character </code> [https://sourceforge.net/p/outlookcaldavsynchronizer/tickets/517/ tickets 517]
:Fixed by browsing calendar on Owncloud web interface, narrowing down offending month, then week, then day. Delete all entries on that day.

Latest revision as of 11:07, 9 May 2024

References

Tools:

Also on GitHub.
  • CardDAV-Sync — Another CardDAV sync app for Android (free / paid).

Alternatives:

  • Nextcloud, here a complete setup example (with backup, etc).

Install Owncloud Server

Install packages

From Owncloud page, on Ubuntu:

wget -nv https://download.owncloud.org/download/repositories/stable/xUbuntu_14.04/Release.key -O Release.key
apt-key add - < Release.key
sh -c "echo 'deb http://download.owncloud.org/download/repositories/stable/xUbuntu_14.04/ /' >> /etc/apt/sources.list.d/owncloud.list"
apt-get update
apt-get install owncloud

On Debian 8:

wget -nv https://download.owncloud.org/download/repositories/9.0/Debian_8.0/Release.key -O Release.key
apt-key add - < Release.key
sh -c "echo 'deb http://download.owncloud.org/download/repositories/9.0/Debian_8.0/ /' >> /etc/apt/sources.list.d/owncloud.list"
apt-get update
apt-get install owncloud

Note:

  • Installing owncloud-files was not enough. Not sure what are the missing dependencies.

Optional:

  • Install php5-imagick to get image preview (but beware of recent vulnerabilities. See Linux security).

Configuration

 ☒  TODO: Consider installing Redis [1] as caching server.

When installed, Owncloud is available at URL http://localhost/owncloud/. This is configured in apache2 file /etc/apache2/conf-available/owncloud.conf:

Alias /owncloud "/var/www/owncloud/"
<Directory "/var/www/owncloud">
Options +FollowSymLinks
AllowOverride All

<IfModule mod_dav.c>
Dav off
</IfModule>

SetEnv HOME /var/www/owncloud
SetEnv HTTP_HOME /var/www/owncloud
</Directory>

<Directory "/var/www/owncloud/data/">
# just in case if .htaccess gets disabled
Require all denied
</Directory>

Note that owncloud files /var/www/owncloud are outside the regular http root (i.e. /var/www/html).


Before completing the installation, we first setup a virtual access to allow accessing Owncloud via HTTPS. This is also recommended for remote installs. For this create the file /etc/apache2/sites-available/owncloud.immie.org.conf, with content:

<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName owncloud.immie.org

DocumentRoot /var/www/html

# Owncloud configuration: see conf-available/owncloud.conf

SSLCertificateFile      /etc/ssl/certs/ssl-cert-owncloud.immie.org.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-owncloud.immie.org.key

# ...

</VirtualHost>
</IfModule>

We only list the most relevant settings. Basically we only setup the server name and give the SSL certificates. For now, we leave File:/owncloud as a global alias.

Enable the site:

a2ensite owncloud.immie.org
service apache2 reload

We also need to create a new MySQL user and database for owncloud. This way owncloud will not use MySQL root access.

MYSQL_HISTFILE=/dev/null mysql --user=root -p mysql          # You'll need MySQL root user password
CREATE DATABASE owncloud_immie;
GRANT ALL PRIVILEGES ON owncloud_immie.* TO owncloud_immie@localhost IDENTIFIED BY '********************';
quit

Of course, replace ******************** with your own password.

Proceed to the URL https://owncloud.immie.org/owncloud:

  • Enter a new admin account user name and password.
  • Click on Storage & database
  • Keep data folder as is (/var/www/owncloud/data). Make sure it is outside web server root.
  • Select MySQL / MariaDB.
  • Enter MySQL user name, password, database name. Keep localhost for the DB server name.
  • Click Finish setup.

Owncloud also requires running a cron job at regular interval [2]:

crontab -u www-data -e
# Add the line:
#
# */15  *  *  *  * php -f /var/www/owncloud/cron.php

In particular this cron job may help fixing file locking issue (error File is locked [3]).

Upgrade from 9 to 10 on debian 8.0 Jessie

We mostly follow the procedure in OwnCloud manual [4]. First change repository to v10:

echo "deb http://download.owncloud.org/download/repositories/10.0/Debian_8.0/ /" > /etc/apt/sources.list.d/owncloud.list
apt update

In principle we should first disable 3rd-party app. We don't, just hoping for the best...

# Get a list of installed app...
cd /var/www/owncloud
sudo -u www-data php occ app:list

Enable maintenance mode and disable web server:

sudo -u www-data php occ maintenance:mode --on
service apache2 stop

Backup the old configuration (we must at least keep config/config.php):

mv /var/www/owncloud /var/www/owncloud-old-9.0.11
tar cvzf /root/backup/var_www_owncloud-9.0.11.tgz /var/www/owncloud-old-9.0.11
mysqldump -uowncloud_immie -p owncloud_immie | gzip > /root/backup/owncloud_immie-9.0.11.sql.gz

Upgrade:

# Upgrade package
sudo apt dist-upgrade
sudo chown -R www-data:www-data /var/www/owncloud

# Restore the config and run the upgrade
cd /var/www/owncloud
cp /var/www/owncloud-old-9.0.11/config/config.php /var/www/owncloud/config
# ... AND RESTORE THE DATA!!!
cp /var/www/owncloud-old-9.0.11/data /var/www/owncloud/
sudo -u www-data php occ upgrade

# We have some issues with 3rd-party app, disable and resume:
sudo -u www-data php occ app:disable documents
sudo -u www-data php occ app:disable news
sudo -u www-data php occ upgrade

Everything is fine, restart the server:

sudo -u www-data php occ maintenance:mode --off
sudo service apache2 start
Troubleshoot
  • After upgrade, all clients failed sync because of file not found.
  • Did a *hard reset* of all clients:
  • Delete all clients data and metadata.
  • On server, delete all files (had some file locked issue).
  • Reinstall the clients.
  • Import back the files.
  • Whoopsie... Turned out we forgot to restore the files from previous install. Should have done cp /var/www/owncloud-old-9.0.11/data /var/www/owncloud/ before upgrading.

Issues

Download failed

Install Owncloud Client

From the repository:

sudo apt install owncloud-client

On Bionic Beaver, there is a missing dependency. Package libgnome-keyring0 must be installed as well:

sudo apt install owncloud-client libgnome-keyring0

However version 2.1.1+dfsg-1ubuntu1.1 in Ubuntu Xenial is broken (fails to reconnect after suspend), and version in Zesty has too many dependencies. We rebuild from the sources:

apt source -t zesty owncloud-client
cd owncloud-client-2.2.4+dfsg/
# We must disable a test (check_vio_ext) because it gives a segfault:
# 
#       Start 18: check_vio_ext
# 18/36 Test #18: check_vio_ext ....................***Exception: SegFault  0.31 sec
# [==========] Running 4 test(s).
# [ RUN      ] check_readdir_shorttree
# Test failed with exception: Segmentation fault
#       C:/tmp/csync_test/alibaba
# [  FAILED  ] check_readdir_shorttree
# ================== Tearing down!
# 
# [ RUN      ] check_readdir_with_content
# 
vi csync/tests/CMakeLists.txt          # COMMENT OUT the line as shown below
# ...
# add_cmocka_test(check_vio_file_stat vio_tests/check_vio_file_stat.c ${TEST_TARGET_LIBRARIES})
# add_cmocka_test(check_vio vio_tests/check_vio.c ${TEST_TARGET_LIBRARIES})
# # add_cmocka_test(check_vio_ext vio_tests/check_vio_ext.c ${TEST_TARGET_LIBRARIES})
# ...
sudo apt build-dep owncloud-client     # WRITE DOWN the list of packages!
dpkg-buildpackage -rfakeroot -b
sudo dpkg -i owncloud-client_2.2.4+dfsg-2ubuntu2_amd64.deb owncloud-client-l10n_2.2.4+dfsg-2ubuntu2_all.deb libowncloudsync0_2.2.4+dfsg-2ubuntu2_amd64.deb
sudo apt install -f
sudo apt remove owncloud-client-cmd owncloud-client-data owncloud-client-doc
sudo apt remove automoc ...            # Remove builddeps (175MB!) - Same list as installed by build-dep
top

Maintenance or Upgrade

When upgrading with apt-get dist-upgrade, we get the message:

Leaving server in maintenance mode. Please run occ upgrade manually.

See https://doc.owncloud.org/server/9.0/admin_manual/maintenance/upgrade.html

ownCloud or one of the apps require upgrade - only a limited number of commands are available
You may use your browser or the occ upgrade command to do the upgrade
Maintenance mode enabled

To upgrade:

cd /var/www/owncloud
sudo -u www-data php occ upgrade
sudo -u www-data php occ status
sudo -u www-data php occ maintenance:mode --off
sudo -u www-data php occ status                     # Check that server is no longer in maintenance mode

Hardening

See Linux Security.

CalDav applications (contacts / calendar)

Contacts and Calendar are applications that must be installed via the admin account.

To synchronize with other applications, you often require the DAV URL on Owncloud:

  • Open your Owncloud account, and go to Contacts application.
  • In the bottom left corner, click Settings
  • Then click on the chain link icon labelled show URL, and copy the URL.
The URL is something like https://owncloud.immie.org/owncloud/remote.php/dav/addressbooks/users/xyz/default/.

Sync with Thunderbird

Reference: Thunderbird - Synchronize Addressbook

To synchronize with Thunderbird, first install the following extensions:

Then, in TB,

  • click on Address Book to show up the address book window;
  • click on File → New → Remote Address Book;
  • enter a name;
  • enter your DAV URL; and
  • select other options as desired (for instance sync period).
Multiple calendars
  • TB cannot import multiple calendars from different owncloud accounts. It can only import from a single account.
  • To import calendars from different own different owncloud accounts, first share these accounts in Owncloud, then import the shared calendar from your account.

Sync with Android

I use the (non-free) application DAVDroid.

To ease setup of the DAVDroid account with Owncloud [5], I configure the well-known URL in Apache. This require that the server responds to addresses

To setup these addresses, add to /etc/apache2/sites-available/owncloud.immie.org.conf:

Redirect 301 /.well-known/carddav /owncloud/remote.php/dav
Redirect 301 /.well-known/caldav /owncloud/remote.php/dav

Now, in DAVDroid, setup the account with:

Troubleshoot
  • Samsung Alpha, getting message S Planner has stopped when adding new entry to sync'ed calendar.
Go to Application Manager ← all, and force stop + clear cache + 'clear data for the following applications: Calendar, Calendar storage, DAVdroid, S Planner (2x), Samsung Calendar SyncAdapter.

Sync with Outlook

Use Outlook CalDav Synchronizer to synchronize Outlook contacts and calendars with Owncloud.

  • In Outlook, go to People pane, and create a new contact folder, for instance named Owncloud.
  • Open menu CalDav Synchronizer → Synchronization profiles.
  • Click Add new profile. For Owncloud, we enter the following settings:
  • Select profile type Generic CalDAV/CardDAV.
  • Enter DAV Url, replace XYZ with user login:
  • Enter username and password.
  • Select Synchronize items immediately after change.
Troubleshoot
  • hexadecimal value 0x1E, is an invalid character tickets 517
Fixed by browsing calendar on Owncloud web interface, narrowing down offending month, then week, then day. Delete all entries on that day.